Cybersecurity breaches in 2018: What We Learned

In 2018 technology touches nearly every aspect of our life. But no innovation seems to come without some form of drawback or compromise. While technology has undoubtedly improved most of our lives, it has also brought new risks that we all find a way to balance – or in some cases choose to ignore. The number of cybersecurity breaches in 2018 speak to this risk.

From the energy industry, to local governments, to something that hits a little closer to home for most – Facebook – it seems like cybersecurity breaches were constantly in the news. As 2018 draws to a close I wanted to discuss some of the cybersecurity stories from 2018 and what we can learn from them.

Cybersecurity and the Olympics

This past winter, all eyes—including hackers’–were turned to PyeonChang for the 2018 Olympics. From the very start, the games faced a slew of cybersecurity threats. On the very first day, a computer virus was used to attack the opening ceremony. While increased connectivity and use of smart technologies for performance and judging the Olympics made the games more exciting than ever, it also led to increased vulnerabilities and a need for airtight cybersecurity strategies. This year’s 2018 winter games was just one example of how diverse stakeholders—including government, event sponsors, technology supplies and cyber security at events—will have to come together to build an effective strategy against cyber threats at massive events.

The Energy Industry Under Threat

The early months of 2018 highlighted the extent to which the energy industry has become a target of hackers. In March, the US Department of Homeland Security reported that Russian hackers had accessed the control rooms of U.S. electric utilities. Such breaches had been preceded by earlier attacks on electric power grids in the Ukraine in 2017. In attempts to address such threats, the North American Reliability Corporation (NERC) has hosted grid security exercises to prepare stakeholders to handle such attacks. These exercises have stressed the need for coordination and communication during a cyberattack. As the energy industry works to handle the threat of cyberattacks, the correct training and tools for communication will be critical.

Atlanta and Cybersecurity in Local Governments

Perhaps one of the most prominent cybersecurity breaches in 2018 was the cyberattack on my own city – Atlanta. In March, the Atlanta municipal government was targeted by a ransomware cyberattack. The result? The city was pushed back decades—with departments being forced to work manually, police filing reports by hand and city workers reporting via time clocks. The attack ultimately cost the city more than $20 million. But Atlanta was no isolated case. One survey has found that most local governments experience cyberattacks daily. The Atlanta case was a wake-up call, as it has highlighted the lack of preparation and a reliance on generation-old technology, prevalent among local governments. Times are changing and local governments must also change in order to keep up with the new world risks.

Facebook and Privacy

In perhaps one of the biggest cybersecurity stories of the year, Facebook announced in September that an attack on its computer network had exposed the personal information of nearly 50 million users. Too often we share our data without thinking about the risks or how it is used for monetization. We need to be careful when sharing information on social media, emails, and apps—and the Facebook breach attests to that. The results of this breach are still impacting Facebook and the vendor community and will continue into the future as privacy starts to gain even more attention.

The Marriot Breach and What It Could Mean for Future Cyberbreaches

And just this month, a data breach exposed the records of up to 500 million customers at the Marriot-owned Starwood hotel. Details are still emerging, but it appears to be the work of a foreign intelligence service. This breach, which is one of the largest to have occurred in recent years, lasted four years before it was discovered. It is yet another call to business leaders to prioritize cyber security and be innovative in the ways they prepare companies for cyber threats.

There were many other cybersecurity breaches in 2018 and while it may seem daunting to look back at them, reviewing them can help us prepare for 2019. As we move forward, we need to prioritize cybersecurity and data privacy. 2019 is sure to bring exciting technological developments and innovation; lets be prepared to meet the cybersecurity challenges that accompany them.

From myself and everyone at Vaporstream, happy new year.

To find out how Vaporstream can help you in your cybersecurity strategy, contact us today.